While ransomware remains a top threat, it is not the only cybersecurity problem data backup admins need to keep on their radar. Here are three more challenges for which to prepare.

Ransomware is one of the major cybersecurity challenges affecting data backup administrators. In general, backup admins are charged with ensuring that data is backed up and secured successfully, while ensuring backup images aren't compromised. With the increasing use of public cloud as a backup target, protecting and securing data is becoming more of a challenge.

Encryption key management. With on-premises backup software, data is typically encrypted by the backup software for tape-based targets or is not encrypted at all for disk-based targets. Only data moving off site is classified as needing encryption.

With the move to public cloud as a backup target, data has to be encrypted, while remaining accessible for restore in a range of situations. This means encryption key management has to be thought through in more detail. It's possible to use a cloud provider's keys, a providers' key management system or user-supplied keys. In all of these instances, how data is protected has to be determined by how those backups will be used in the future.

Credentials management. While backup and restore was previously managed through backup software, the capability of the public cloud to expose data to multiple platforms and users means a review of user access profiles is required.

In the past, a backup administrator would control all backup and restore tasks and perhaps expose some functionality for user-based restores. Now, data stored in the public cloud can be accessed for other purposes, such as seeding test/dev and search/analytics.

Determining access to data is more complex and requires a new level of thinking and integration with existing directory management offerings.

Auditing and compliance. As a complement to the above points, tracking usage becomes more imperative when facing cybersecurity challenges. At the basic level, being able to tell which users have accessed backup data is the first step in ensuring accurate audit information that can be used for compliance purposes. However, if compromised, data access is a risk for any organization. Even more than before, access to backups needs to be logged and tracked.

Join the conversation

1 comment

Register

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.